Re: Failing Autotests / Bugs
Am 22.08.2011 13:08, schrieb Lester Caine:
> Reindl Harald wrote:
>> there should be placed diff-files for security fixes directly on the download-page
>> they could be easily included in rpmbuild/spec-file if they are matching to the latest
>> tar.bz2, but the current release process does not support this and forces users
>> if they wanting their machines as secure as possible to grab in the VCS manually
>> and hoping make no mistake by making this on their own - it is a hughe difference
>> for a administrator innclude provided patches in a spec-file or deal with the
>> whole php-source
>
> Actually this is possibly another argument for a properly managed DVCS setup? On other projects
> I can pick
> critical commits and apply them, and it flags when other bits need to be implemented as well.
> Almost does away
> with the need to produce actual releases, but you do need to differentiate security fixes from
> simple 'improvements'?
this has really nothing to do with DVCS
a patch is security-critical or not and if he is atomic enough to be sure that
there are no big side-effects to expect it woulld be really fine to include
it directly on the download-page with short-decritpion and date
so any linux-distribution or people like i who are building there owm RPMs
based on them of the distribution can easily download and include in SPEC-file
without touching the released tar.bz2 what gives the benefit that the patch
can be reverted by adding a simple # before the line in the SPEC-file
this is the biggest benefit of rpmbuild, you never have to touch the tarball
because rpmbuild is creating a new clean build-environment, unpacking the tarball
in it and applying patches from SPEC directly before compile the source
Attachment: [application/pgp-signature] OpenPGP digital signature signature.asc
Thread (30 messages)